CVE-2026-56695

OpenHarness - Cross-Session Disclosure via /resume and /summary Commands

CVSS 7.1 HIGH · CWE-862 (Missing Authorization)
In short

The OpenHarness ohmo gateway lets any remote sender who has been admitted to a shared gateway channel list and load other users' saved session snapshots, which can contain private prompts, credentials, tool output and file paths. The cause is that the /resume and /summary slash commands are remotely invocable by default and do not check that the requester owns the snapshot they ask for.

Technical detail

In the OpenHarness ohmo gateway, the /resume and /summary slash commands have remote_invocable set to True by default. Any sender already admitted to a shared gateway channel can therefore enumerate session snapshots and load an arbitrary one by ID; the gateway performs no further authorization check, in particular none that the requester owns the snapshot (CWE-862, missing authorization). A loaded snapshot exposes the victim session's private prompts, credentials, tool output and file paths.
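
As an added illustration (hypothetical code written for this page, not OpenHarness's own; the class and function names SlashCommand, SnapshotStore, Gateway, Sender and owner_scoped are assumptions), the following Python model shows the two missing controls side by side: a gateway built with the described defaults, where an admitted remote sender can enumerate snapshot IDs and load a victim's snapshot, and a hardened variant where both commands are local-only by default and additionally require the requester to own the snapshot. It also includes a small audit helper that lists commands reachable remotely without an ownership check.

```python
# Illustrative model of the /resume and /summary authorization gap. Hypothetical
# code written for this page, not OpenHarness's own; every name below is assumed.
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional


@dataclass
class Snapshot:
    snapshot_id: str
    owner: str                  # user whose session produced the snapshot
    prompts: List[str]
    tool_output: str
    file_paths: List[str]

@dataclass
class Sender:
    user_id: str
    remote: bool                # request arrived over a shared gateway channel

@dataclass
class SlashCommand:
    name: str
    handler: Callable[[Snapshot], dict]
    remote_invocable: bool = True   # the default the advisory describes
    owner_scoped: bool = False      # hardened: requester must own the snapshot

class AuthorizationError(Exception):
    pass

class SnapshotStore:
    def __init__(self) -> None:
        self._snaps: Dict[str, Snapshot] = {}

    def put(self, snap: Snapshot) -> None:
        self._snaps[snap.snapshot_id] = snap

    def get(self, snapshot_id: str) -> Optional[Snapshot]:
        return self._snaps.get(snapshot_id)

    def ids(self, owner: Optional[str] = None) -> List[str]:
        # owner=None lists every snapshot in the store: the enumeration step
        return sorted(s.snapshot_id for s in self._snaps.values()
                      if owner is None or s.owner == owner)

def resume_handler(snap: Snapshot) -> dict:
    # Loading a snapshot returns everything the victim's session recorded
    return {"prompts": snap.prompts, "tool_output": snap.tool_output,
            "file_paths": snap.file_paths}

def summary_handler(snap: Snapshot) -> dict:
    return {"summary": f"{len(snap.prompts)} prompts, {len(snap.file_paths)} files"}

class Gateway:
    def __init__(self, store: SnapshotStore, commands: List[SlashCommand]) -> None:
        self.store = store
        self.commands = {c.name: c for c in commands}

    def dispatch(self, sender: Sender, line: str) -> dict:
        name, _, arg = line.partition(" ")
        cmd = self.commands[name]
        if sender.remote and not cmd.remote_invocable:
            raise AuthorizationError(f"{name} is not remotely invocable")
        if arg == "":                       # "/resume" with no ID enumerates snapshots
            owner = sender.user_id if cmd.owner_scoped else None
            return {"snapshots": self.store.ids(owner)}
        snap = self.store.get(arg)
        # Same error for "missing" and "not yours" so the ID space cannot be probed
        if snap is None or (cmd.owner_scoped and snap.owner != sender.user_id):
            raise AuthorizationError("no such snapshot for this sender")
        return cmd.handler(snap)

def build_gateway(store: SnapshotStore, hardened: bool) -> Gateway:
    # hardened=False reproduces the described defaults (remote_invocable=True, no
    # owner check); hardened=True makes both commands local-only and owner-scoped
    opts = dict(remote_invocable=not hardened, owner_scoped=hardened)
    return Gateway(store, [SlashCommand("/resume", resume_handler, **opts),
                           SlashCommand("/summary", summary_handler, **opts)])

def audit_remote_state_commands(gateway: Gateway) -> List[str]:
    """Names of commands a remote sender can reach without an ownership check."""
    return sorted(n for n, c in gateway.commands.items()
                  if c.remote_invocable and not c.owner_scoped)

def is_denied(gateway: Gateway, sender: Sender, line: str) -> bool:
    try:
        gateway.dispatch(sender, line)
        return False
    except AuthorizationError:
        return True

def demo_store() -> SnapshotStore:
    # Constructed sample data standing in for a victim's saved session
    store = SnapshotStore()
    store.put(Snapshot("snap-0001", "victim",
                       ["rotate the prod DB password away from hunter2"],
                       "[default]\naws_access_key_id = AKIAEXAMPLE",
                       ["/home/victim/.aws/credentials"]))
    return store
```

Two details worth keeping in a real fix: the ownership check raises one error for both a missing ID and another user's ID, so the ID space cannot be probed through /summary even where that command is deliberately enabled remotely; and flipping the default to local-only is not sufficient on its own, since an operator who re-enables remote invocation would otherwise reopen the disclosure.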

Summary generated and translated by AI from the official description.
OpenHarness ohmo gateway /resume and /summary slash commands default remote_invocable to True, allowing admitted remote senders to enumerate and load arbitrary session snapshots by ID. Attackers can exploit this to access victim snapshots containing private prompts, credentials, tool output, and file paths via shared gateway channels.
CVSS 4.0 vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N (network-reachable, low attack complexity, no attack requirements, low privileges, no user interaction; high confidentiality impact with no integrity or availability impact)
Affected products
HKUDS · OpenHarness
